Y
Hacker News
new
|
ask
|
show
|
jobs
by
tokenizerrr
4098 days ago
The script grabbed document.documentElement.innerHTML and resubmitted it as the new page contents. See my post above regarding CSRF.